JP2009159365A - Image data verification program, image data verification method and image data verification system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technique for disclosing partially encrypted (concealed) image data by both of paper media and digital media and achieving browser's decoding processing and partial originality verification. <P>SOLUTION: A digital signature is attached to the whole hash value of original image data and registered together with an original, a concealing portion to be concealed in the original image data is print-encrypted and digitally encrypted, the print-encrypted concealing portion is printably buried in the original image data and disclosed as encrypted image data to a print disclosure request, and in verification processing, a hash value obtained from the encrypted image data is compared with a hash value obtained from the original image data. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention provides an image data verification program capable of realizing disclosure of both partially-encrypted (confidential) image data by both paper media and electronic media, and decryption processing and partial originality verification by a verifier, The present invention relates to a data verification system and an image data verification method.

  In April 2005, the Personal Information Protection Law and the eDocument Law were enforced. The Personal Information Protection Law strictly restricts the use of personal information for purposes other than the collected purpose without the consent of the individual, and businesses that handle personal information exceeding 5,000 people are subject to regulation. In the Personal Information Protection Law, information must be disclosed at the request of the person. Furthermore, according to the information disclosure law, public organizations must disclose information except for privacy information such as personal information and confidential information if there is a request for disclosure.

  On the other hand, according to the e-document method, some documents that had to be stored on paper conventionally can be stored as electronic documents by adding them with a scanner, adding an electronic signature, and a time stamp.

  As a case that may occur in the future due to the enforcement of these laws, it is conceivable that the personal information part of the file captured by the scanner and digitized is deleted and released. However, since the current e-document method applies an electronic signature and a time stamp to the entire captured data, if the personal information part is deleted, the data is altered and both the electronic signature and the time stamp become invalid.

  In that case, it is very easy to change (tamper) other parts at the same time as deleting the personal information part, and unlike paper documents, it is difficult to detect.

  For this reason, if a part of electronic data captured by the scanner is altered or deleted, it is possible to identify that the part has been changed, and a technique that can guarantee the integrity and originality of the other part is required.

  In order to address such issues of both evidence and privacy protection, research on the sanitization signature technology that guarantees the partial originality (completeness) of a part of an electronic document and conceals (inking) is progressing. Yes.

  In particular, the international publication number: WO2006 / 008847 (Patent Document 1 below) is an electronic document sanitization signature that solves the problem that a signature applied to a document cannot be verified by concealing a part of the document. Technology (hereinafter, this technology is abbreviated as PIAT). By applying this PIAT, it is possible to verify the signature even when the electronic document with the signature is painted, and third-party proof that there is no modification except for the painted (changed or added) portion It becomes possible to do.

  Moreover, partial signature information is generated using partial information of image information and managed separately from the image information, and image information and partial signature information are used to verify whether the image information has been changed and to verify the changed portion. As a technology that makes it possible, there is a technology such as JP 2007-027920 (Patent Document 2 below).

  In this technology, the technology of WO2006 / 008847 is applied to still image data in JPEG (Joint Photographic Experts Group) format, and the reason for changing the image information is limited to “blacking out”, and JPEG is a lossy compression. A method for generating partial signature information for partial information in the middle of JPEG encoding / decoding is provided.

  Further, as a technology that enables verification of whether the originality of the decryption information in the non-disclosure part is ensured invariant other than non-disclosure information while controlling the partial disclosure / non-disclosure of the electronic information. There is a technique such as 156970 (Patent Document 3 below).

  Further, as a partial encryption technique for image data, a technique such as Japanese Patent Application No. 2007-999801 has been proposed. In this technology, in order to encrypt a part of the input image and make it possible to specify the encrypted area at the time of decryption, the pixel value in the encrypted area is regularly converted, and a unique pattern corresponding to pixel value conversion Means for encrypting by generating, means for adding positioning markers for specifying the encryption position to at least two corners of the encryption area, and for verifying the validity of the decrypted image Means for adding at least one check mark in the encryption area before encryption processing.

  Using this technology, for example, a part of the image data is encrypted (confidential) and printed on paper. At the time of confirmation, the printed / output paper is digitized again by the image scanner device, and at the same time, the content of the restored image data is confirmed by performing the decryption processing of the concealed (encrypted) portion. Can be considered. Hereinafter, this technique will be described as a print encryption technique.

There are also common key cryptosystems such as AES (Advanced Encryption Standard) and RSA public key cryptosystems for performing digital encryption processing on an arbitrary portion. Hereinafter, the digital encryption processing method will be described as digital encryption technology.
WO2006 / 008847 JP2007-027920 JP2007-156970

  However, the technique disclosed in Japanese Patent Laid-Open No. 2007-027920 specializes in partial encryption / decryption of image information + partial originality verification, disclosure by both media of paper media and electronic media, and decryption processing and partial originals by a viewer. It did not provide a mechanism that could achieve sex verification.

  Further, the technology disclosed in Japanese Patent Application Laid-Open No. 2007-156970 specializes in partial disclosure / non-disclosure control of electronic information and application to an XML (eXtensible Markup Language) format according to conditions and situations such as a viewer, a system, and time. However, it did not provide a mechanism that can be disclosed in both paper media and electronic media, as well as a mechanism that can implement decryption processing and partial originality verification by the viewer.

  Furthermore, in the technology of Japanese Patent Application No. 2007-999801, image data subjected to rescanning / decryption processing is performed before encryption because image processing and decryption processing by printing and rescanning are performed using a medium called paper. Since it does not always match digitally with image data, there is a problem that signature verification cannot be performed even if a signature is added to image data before encryption (signature verification fails). .

  On the other hand, by performing encryption / decryption processing digitally using an encryption technology such as AES or RSA, the image data before and after encryption can be digitally matched and the signature can be confirmed. The encrypted image data is printed and output, and the image data digitized by scanning by the scanner device is numerically completely different from the image data before printing and output, and even the restoration of the encrypted part is possible. There was a problem that it could not be done.

  Therefore, the method of either disclosure / verification by paper media using the invention of Japanese Patent Application No. 2007-999801 or disclosure / verification by electronic media using encryption technology such as AES or RSA is used. There was no choice but to adopt.

  Therefore, in the present invention, an image data verification program capable of realizing disclosure of both partially-encrypted (confidential) image data on paper media and electronic media, and decryption processing and partial originality verification by a viewer An image data verification system and an image data verification method are provided.

  An image data verification program according to an embodiment forms an original image data from an original registration step of registering original image data read by a scanner as original image data, and the original image data registered in the original registration step. Part information, which is information for each part of the information to be extracted, generates a feature quantity of each piece of partial information, generates signature information by adding a signature to the set of feature quantities, and associates it with the original image data A signature information registration step to be registered, and when performing a concealment process on at least a part of the original image data, for the part to be concealed, from the image after printing the print-encrypted data, The print encryption process that can decrypt the image is performed, the print encryption process is performed, and the encrypted original image data in which the print encryption process is partially performed is performed. An encryption step for registering the digitally encrypted data, and a request for disclosure by printing when requesting to disclose the encrypted original image data The encrypted original image data encrypted by the encryption step is provided as print data, and at least the encrypted original image data is converted into electronic data in response to a request for disclosure by electronic media. In the disclosure step provided as media data and the verification process of the encrypted original image data, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the paper media formed by printing the print data Acquire image data obtained by reading with a scanner, and by the print encryption process The decryption process is performed on the part corresponding to the encrypted secret part, the decrypted image data is provided, and the verification request without the decryption process on the electronic media data of the encrypted original image data is received. If there is, extract the partial information which is information for each part of the information forming the encrypted original image data, generate a feature amount of each partial information, and in the signature information registered by the signature information registration step Compared with the feature amount, the comparison result is provided. On the other hand, when there is a verification request accompanied by a decryption process, the digitally encrypted concealment is performed on the encrypted original image data provided in the disclosure step. The computer performs a decoding process on the portion and a verification step for providing the decoded image data.

  Further, the image data verification method performed by the computer in the embodiment includes an original registration step of registering original image data read by a scanner as original image data, and an original image data registered by the original registration step. Extracting partial information that is information for each part of the information forming the original image data, generating feature amounts of each piece of partial information, generating signature information by adding a signature to the set of feature amounts, Signature information registration step for registering in association with original image data, and when performing confidential processing on at least a part of the original image data, the data after printing encryption is printed for the portion to be processed The print encryption process that can decrypt the original image from the later image is performed, the print encryption process is performed, and the print encryption process is partially The encrypted original image data is registered, the encryption process is performed for the digital encryption processing for the portion to be concealed, and the digital encrypted data is registered, and the disclosure request for the encrypted original image data In response to a request for disclosure by printing, the encrypted original image data encrypted by the encryption step is provided as print data, and at least for the request for disclosure by electronic media, In the disclosure step of providing the encrypted original image data as electronic media data and the verification process of the encrypted original image data, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the print data is Acquire image data obtained by scanning a printed paper media scanner Decrypting the portion corresponding to the confidential portion encrypted by the print encryption processing, providing the decrypted image data, and decrypting the encrypted original image data with respect to the electronic media data If there is a verification request without accompanying, the partial information, which is information for each part of the information forming the encrypted original image data, is extracted, a feature amount of each partial information is generated, and the signature information registration step Compared with the feature amount in the registered signature information and provides a comparison result, if there is a verification request accompanied by a decryption process, the encrypted original image data provided in the disclosure step, A verification step of decrypting the digitally encrypted confidential portion and providing the decrypted image data.

  An image data verification system that performs image data verification with a computer in an embodiment includes an original registration unit that registers original image data read by a scanner as original image data, and an original image registered by the original registration unit Extracts partial information, which is information for each part of the information forming the original image data, from the data, generates a feature amount of each piece of partial information, and generates signature information by adding a signature to the set of feature amounts And a signature information registration unit that is registered in association with the original image data, and when performing confidential processing on at least a part of the original image data, print encryption processing is performed on a portion that performs the confidential processing, and printing is performed. The encrypted original image data that has undergone encryption processing is registered, and the digital encryption processing is performed for the portion that performs the concealment processing. An encryption unit for registering the digitally encrypted data and the request for disclosure of the encrypted original image data in response to a request for disclosure by printing, the encryption encrypted by the encryption unit The original image data is provided as print data, and at least in response to a request for disclosure by electronic media, a disclosure unit that provides at least the encrypted original image data as electronic media data, and the encrypted original image data In the verification process, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the print data is obtained by reading the image data obtained by scanning a paper media scanner that prints the print data, and the print encryption The decryption process is performed on the part corresponding to the secret part encrypted by the process, and the decrypted image data is provided. In addition, when there is a verification request that does not involve decryption processing of the electronic media data of the encrypted original image data, partial information that is information for each part of the information that forms the encrypted original image data is extracted And generating a feature amount of each partial information, comparing it with the feature amount in the signature information registered by the signature information registration unit, and providing a comparison result, and if there is a verification request accompanied by a decryption process, A verification unit that decrypts the encrypted original image data provided by the disclosure unit with respect to the digitally encrypted confidential portion and provides the decrypted image data.

  According to the present invention, it is possible to realize disclosure of both partially-encrypted (confidential) image data in both paper media and electronic media, and decryption processing and partial originality verification by a viewer. Play.

Exemplary embodiments of the present invention will be described below in detail with reference to the accompanying drawings.
First, the configuration of the system according to the present embodiment will be described with reference to FIG. FIG. 1 is a system configuration diagram in the present embodiment.

  In FIG. 1, 1 is a network. However, 1 corresponds to all communication line networks such as the Internet, an intranet, and a wide area network. Reference numeral 2 denotes a server of a certification authority that manages electronic signature information. As is well known, an electronic signature is obtained by sending signature information, signature target information, and public key certificate obtained by encrypting information that is a summary of the signature target information (message digest) with the sender's private key to the other party. After confirming the validity of the public key certificate, the encrypted signature information is decrypted with the public key included in the public key certificate and compared with the summary information obtained from the signature target information. This is a technique for determining whether or not transmission is from a legitimate partner based on whether or not the comparison results are the same (details will be described later).

  In this technique, since it is necessary to guarantee the validity of the certificate, it is common to install the certification authority server 2 that stores the signer's public key as in this embodiment. As shown in FIG. 2, the certification authority server 2 performs public key DB 21 storing the signer's public key, a certificate issuing unit 22 that issues a public key certificate in response to a request, and verifies the public key certificate. A certificate verification unit 23 and a communication unit 24 that performs communication via the network 1 are included.

  Reference numeral 3 denotes a document management server that is processed by an acquirer, a signer, a concealer, and a disclosing person. As shown in FIG. 3, the document management server 3 includes a document management DB 31 for storing information transmitted to the document management server 10 serving as a verification side, which will be described later, and a key for a concealer to store a key for encryption processing. Management DB 32, document management TB 33 for controlling access to the document management DB 31, signature generation unit 34 for adding a signer's PIAT signature information and electronic signature to the information, and a concealer for selecting and processing a concealment location It has a concealment processing unit 35, an encryption processing unit 36 for performing an encryption process using an encryption key stored in the key management DB 32, and a communication means 37 for performing communication via the network 1.

  Reference numeral 4 denotes a terminal used by the take-in person to operate the scanner reading device 5 described later and further to operate the document management server 3. The fetcher terminal 4 can communicate with the document management server 3.

  Reference numeral 5 denotes a scanner reading device for a capture person to scan a paper document as an electronic document. The scanner reading device 5 is connected to the acquirer terminal 4.

  Reference numeral 6 denotes a terminal for the signer to operate the document management server 3. The signer terminal 6 can communicate with the document management server 3.

  7 is a terminal for the concealer to operate the document management server 3. The concealer terminal 7 can communicate with the document management server 3.

  Reference numeral 8 denotes a terminal for operating the document management server 3 for the disclosure person to operate the printer device 9 described later. The disclosing person terminal 8 can communicate with the document management server 3.

  Reference numeral 9 denotes a printer device for a disclosing person to print / output an electronic document as a paper document. The printer device 9 is connected to the disclosing person terminal 8.

  A document management server 10 is processed by a viewer / verifier. As shown in FIG. 4, the document management server 10 includes a document management DB 101 for storing information sent from the document management server 3 on the signature side, and a key management DB 102 for storing a key for decryption by a verifier. A document management TB 103 that controls access to the document management DB 101, a signature generation unit 104 that generates the signer's PIAT signature information, and a decryption process using the decryption key stored in the key management DB 102. The decryption processing unit 105 includes a signature verification unit 106 that verifies an electronic signature attached to the transmitted information, and a communication unit 107 that performs communication via a network.

  Reference numeral 11 denotes a terminal for the verifier to operate the scanner reading device 12 to be described later, and for the viewer / verifier to operate the document management server 10. The viewer / verifier terminal 11 can communicate with the document management server 10.

  Reference numeral 12 denotes a scanner reading device for the verifier to scan a paper document as an electronic document. The scanner reading device 12 is connected to a viewer / verifier terminal 11.

  The processing operation of the system configured as described above will be described below. First, electronic signature processing in the apparatus of this embodiment will be described.

  In the electronic signature, the sender generates a key pair (private key and public key) in advance, sends the public key to the certification authority server 2 and issues a public key certificate, and sends it to the transmitting device. Stores this private key and public key certificate. When information is transmitted from the transmission device, first, summary information (message digest) of signature target information is generated, and the summary information encrypted with the sender's private key is used as signature information.

  Subsequently, the signature target information, the signature information, and the sender's public key certificate are transmitted to the other party, and the other party (recipient) who received the information receives the sender's public key acquired from the certification authority server 2 The validity of the certificate is verified, and if it is valid, the signature information is decrypted with this public key. Subsequently, a summary of signature target information is generated, and if it is the same as the decrypted information, it is a technique that can be proved that it is truly transmitted from the sender and has not been altered.

  The summary information here is information (hash information) calculated using a cryptographic one-way hash function for the signature target information, and means that the size of the signature target information can be compressed. It is also said.

  In addition, the hash information generated by the cryptographic one-way hash function is the only information that can be generated only from the signature target information, and the original information cannot be restored from the generated hash information. Has characteristics. For this reason, it is often used for information encryption and digital signature generation.

  This cryptographic one-way hash function includes algorithms such as MD5, SHA-1, and SHA-256. Information about which algorithm is used to generate summary information (hash information) for the information (hash information generation algorithm) is described in the public key certificate.

  A detailed procedure for generating the electronic signature will be described below.

  First, registration of a public key between the transmission apparatus and the certification authority server 2 will be described with reference to the flowchart of FIG. In the embodiment shown in FIG. 1, the document management server 3 is an electronic signature transmission device.

  First, the sender generates a key pair (secret key and public key) (S1001). Subsequently, when the sender operates the transmitting apparatus and inputs the certificate issuance request information (S1002), the transmitting apparatus sends the input certificate issuance request information to the certification authority server 2 together with the public key. Transmit (S1003).

  The certificate issuing unit 22 of the certification authority server 2 that has received this information by the communication means 24 (S1004) generates a public key certificate including the public key (S1005), and generates the public key certificate generated in the public key DB 21. Are accumulated (S1006).

  Thereafter, the certificate issuing unit 22 controls the communication unit 24 to transmit the issued public key certificate to the transmitting apparatus that has transmitted the certificate issuance request information via the network 1 (S1007).

  The transmitting device that has received this information (S1008) has its own private key generated in S1001 and the public key certificate issued from the certification authority server 2 (in the signature generation unit 33 of the document management server 3). Storage area) (S1009), and the process is completed.

  Next, the transmission / reception process of information with an electronic signature and the verification process of the receiving apparatus will be described with reference to the flowchart of FIG.

  First, when a sender inputs a transmission instruction to an electronic signature generation & reception apparatus for certain signature target information (S2001), the transmission apparatus stores the signature target information indicated by the private key stored in the storage area. The summary information (hash information) is encrypted (S2002) and transmitted together with the stored public key certificate to the receiving device (S2003).

  The receiving apparatus that has received the information (S2004) first transmits the public key certificate to the certification authority server 2 in order to confirm the expiration date and revocation information of the sent public key certificate (S2005). ).

  Here, it is assumed that the certification authority server 2 supports a series of functions for certificate issuance and certificate verification. Next, the certification authority server 2 verifies the validity of the received public key certificate (S2006), and transmits the verification result to the receiving device (S2007).

  Next, the receiving apparatus receives this validity verification result (S2008). Subsequently, the receiving device that has received this validity verification result checks whether or not it is valid (S2009). If the validity can be confirmed, first, the hash included in the public key certificate of the sender acquired from the transmitting device is obtained. With reference to the information generation algorithm, hash information is generated from the signature target information received from the transmission device (S2010).

  Subsequently, the signature information received from the transmission device is decrypted using the public key included in the public key certificate (S2011). The receiving apparatus compares the hash information generated in S2010 with the information obtained by the decryption process in S2011, and determines whether or not they are the same (S2012). If it can be confirmed by this determination that the information is the same as the information sent from the transmission device (sender) and it can be proved that there is no alteration (S2013), the information is stored (S2014).

  On the other hand, if they are different, it is determined that the information cannot be proved to be from the transmitting device (sender) (or has been altered during the communication) (S2015), and cannot be proved to the operator of the receiving device. Notification processing, such as displaying a message to the effect, is performed (S2016). Similarly, when the validity of the public key certificate cannot be confirmed in the process of S2009, it can be determined that the certificate cannot be proved to be from the transmitting device (sender) (S2015), and can be proved to the operator of the receiving device. Notification processing, such as displaying that there was no, is performed (S2016).

  Before describing the processing by the system of the present embodiment, first, a method of applying PIAT to JPEG format image data will be described. Hereinafter, the method of applying PIAT to JPEG format image data will be abbreviated to be referred to as the JPEG-PIAT method.

  Data captured by a scanner and digitized are often converted to a compressed image format such as JPEG. When applying a technique that guarantees partial integrity to this, it is necessary to perform format analysis after compression / decompression.

  In JPEG, since a bitmap image is divided into rectangles for processing, it may be possible to use this as a unit of “part”. However, in the JPEG format, the entropy compression process is performed on the plurality of blocks to hold the data, and therefore PIAT cannot be simply applied.

  In order to solve this problem, Japanese Patent Application Laid-Open No. 2007-027920 proposes a method in which the data after entropy compression / decompression is applied to JPEG format image data.

  Although there are various JPEG compression methods and formats, this embodiment is based on the JFIF (JPEG File Interchange Format) format using a basic DCT (Discrete Cosine Transform) method for the sake of simplicity. As a precondition, the vertical and horizontal and luminance vs. color difference sampling factors are fixed to 2: 1, the lister and interval are disabled, and the thumbnail-free data format is used. Hereinafter, the target format is simply described as JPEG.

  FIG. 14 shows the structure of JPEG data. In FIG. 14, MCU (minimum encoding unit) corresponds to one block of an image. FIG. 15 shows the relationship between the MCU format and the image. In FIG. 15, one MCU constitutes 16 × 16 dots of an image, and one MCU is composed of six luminance / color difference components of 8 × 8 dots. This is because the data amount is compressed by thinning out the color difference components.

  Apply PIAT to JPEG. FIG. 16 shows the JPEG decoding process. As shown in FIG. 14, a plurality of MCUs are entropy compressed and stored in JPEG data. Therefore, PIAT is applied after entropy compression / expansion in FIG. 16 in order to guarantee completeness in MCU units or luminance / chrominance component units. An example of the JPEG-PIAT system is shown below (FIG. 17). In FIG. 17, PIAT signature information is generated for the original before the confidential processing, and PIAT signature information is generated for the original subjected to the confidential (change) processing, and the hash values of both PIAT signature information are compared. The change is judged.

  First, at the time of signing, the JPEG file is set as the first version image data. On the other hand, entropy compression / decompression is performed to extract luminance / color difference components. Then, hash information is calculated for each component, an electronic signature is applied to the hash information, and it is stored in a separate file (that is, partial information that is information for each part of information forming original image data is extracted) Then, a feature amount of each piece of partial information is generated, and an electronic signature is added to the set of feature amounts and stored). This is the first version of PIAT signature information. The first version image data and PIAT signature information are stored in pairs.

  Subsequently, when changing or sanitizing, an arbitrary portion of the first version image data is changed or sanitized by an image editor or the like. This is the second version of image data. Then, the second version of PIAT signature information is generated by the same processing as that for signing. Then, the second version of the image data, the PIAT signature information, and the first version of the PIAT signature information are disclosed.

  At the time of signature confirmation, first, the electronic signatures of the first and second editions of PIAT signature information are confirmed.

  Next, it is verified whether the hash information generated from the image data of the second version and the hash information of the PIAT signature information of the second version coincide with each other by the same process as that at the time of signature (second version PIAT signature confirmation).

  Further, the first version and the second version of the PIAT signature information are compared, and the changed / sanitized portion is specified. As a result, it is possible to check the change and sanitization location of the second version without releasing the image data of the first version.

  Subsequently, the entities appearing in this embodiment and their roles are defined. In the present embodiment, six persons, that is, an acquirer, a signer, a concealer, a discloser, a viewer, and a verifier appear.

  The take-in person is a person who takes a paper document to be signed by the scanner reading device 5, digitizes it, and saves it as original image data.

  The signer is a person who adds PIAT signature information (with electronic signature) to the original image data captured by the acquirer and saves it as signed original image data.

  The concealer is a person who performs partial concealment processing by rectangular selection or the like and encryption processing on the original image data captured by the capture user and saves it as encrypted original image data. However, this partial concealment process may be performed by the signer, but here, a person who performs the partial concealment process is set separately.

  Discloser is a person who discloses to the viewer or verifier the paper and / or electronic media of the encrypted original image data that has been partially concealed by the concealer. is there.

  Specifically, first, in the paper media disclosure, the printer device 9 is used to print on paper, and the disclosure is made to the viewer or verifier. In addition, in electronic media disclosure, disclosure is made to a viewer or a verifier using an online medium such as an email or a shared server, or an offline medium such as a portable medium (USB memory).

  The viewer is a person who browses using the encrypted original image data (both paper media and / or electronic media) disclosed by the disclosing person. However, here, the viewer is defined as a person who receives the encrypted original image data itself disclosed from the disclosing person and simply browses it.

  In addition, there are verifiers among the viewers. The verifier is divided into a person who has the authority to decrypt a part of the data that has been partially concealed and a person who does not have the authority to decrypt. Define the key as being received in some way from the concealer.

  Specifically, first, in the verification by the paper disclosure route, the viewer confirms the disclosed paper medium itself with the naked eye. Also, the verifier having the decryption authority digitizes using the scanner reading device 12 and performs decryption processing on the encrypted original image data that is output.

  The decrypted original image data in a state where the partially concealed portion is decrypted is displayed via the display device of the browser / verifier terminal 11, so the content is confirmed by visual confirmation. In addition, since the verifier who does not have the decryption authority cannot perform the decryption process on the partially concealed portion, the verifier confirms the same content as the content confirmed with the naked eye of the disclosed paper medium.

  Subsequently, in the verification by the electronic disclosure route, the viewer confirms the disclosed encrypted original image data itself via the display device of the viewer / verifier terminal 11. The verifier having the decryption authority performs a decryption process to restore a part of the secret part and confirms that it is the same as the original image data. The verifier who does not have the decryption authority verifies the decrypted original image data that has been partially concealed, and confirms the integrity of the changed part and the disclosed part.

  FIG. 7 shows an overview of the present embodiment. Hereinafter, specific processing will be described along the steps described in FIG. 7, the overall flowchart in the present embodiment in FIG. 8, and the flowcharts in FIGS. 9 to 13. In each drawing, common steps in FIGS. 7 and 8 are denoted by the same reference numerals, and detailed steps in FIGS. 9 to 13 show the steps shown in FIGS. 7 and 8 in detail.

  First, the capturer uses the capturer terminal 4 to place a paper document to be signed / partially concealed on the scanner reading device 5 and issue an image capture instruction (ST100 / 01).

  The scanner reading device 5 receives an image capture instruction from the capture user terminal 4 and is digitized by scanning. The captured original image data is converted into the JPEG format (ST100 / 02).

  Subsequently, the image data is sent to the capturer terminal 4 and the original image data is output to the display device equipped in the capturer terminal 4 (ST100 / 03). When the capturer confirms the storage function, the capturer terminal 4 transmits the captured original image data to the document management server 4 (ST100 / 04).

  The document management server 3 receives the original image data via the communication means 37 (ST100 / 05), and accumulates and stores it in the document management DB 31 via the document management TB33 (ST100 / 06). When the storage / storage is completed, a completion notification is transmitted to the take-in terminal 4 via the communication means 37 (ST100 / 07). Capturer terminal 4 receives the completion notification (ST100 / 08), confirms that the capturer has no error, and ends the process of ST100.

Subsequently, the signer terminal 6 accesses the document management server 3 by a signing instruction (ST200 / 01) by the signer, and the document management server 3 receives the signing instruction via the communication unit 37 (ST200 / 02). ). The document management server 3 retrieves original image data that has been captured and stored / stored by the capturer from the document management DB 31 via the document management TB 33 (ST200 / 03).

  Next, the signature generation unit 34 generates PIAT signature information for the original image data using the JPEG-PIAT method described above (ST200 / 04).

  FIG. 18 shows a process for generating PIAT signature information for original image data. The generated PIAT signature information is stored and stored as PIAT signature information of original image data in the document management DB 31 via the document management TB 33 (ST200 / 05).

  As a storage form of the PIAT signature information, there can be a form stored in the original image data and a form stored as separate data.

  Note that the electronic signature in the PIAT signature information in FIG. 18 is a whole signature added to the PIAT signature information. This corresponds to the electronic signature of the signer and is used for specifying the creator of the original image data and for detecting falsification. Normally, in the case of e-document law application, this electronic signature is required to be that of the acquirer, but in this embodiment, the acquirer and the signer are considered separately, and the creator of the original image data Proceed with the explanation as the signer.

  In this embodiment, the addition of a time stamp that enables third party certification of the creation confirmation time of the original image data is omitted. However, in actual operation, it is desirable to add it to enhance the certification power. . When the storage / storage is completed, a completion notice is transmitted to the signer terminal 6 via the communication means 37 (ST200 / 06).

  The signer terminal 6 receives the completion notification (ST200 / 07), confirms that the signer has no error, and ends the process of ST200.

  Subsequently, the concealer terminal 7 accesses the document management server 3 by the original image data extraction instruction (S300 / 01) by the concealer, and the document management server 3 receives the extraction instruction via the communication unit 37 ( ST300 / 02). The document management server 3 retrieves original image data that has been captured and stored / stored by the importer from the document management DB 31 via the document management TB 33 (ST300 / 03). The extracted original image data is transmitted to the concealer terminal 7 via the communication means 37 (ST300 / 04).

  The concealer terminal 7 receives the original image data from the document management server 3 (ST300 / 05), and outputs the original image data to the display device provided in the concealer terminal 7. Subsequently, a rectangle for the secret part is selected by an operation by the secret person (ST300 / 06).

  When the selection of the secret location rectangle is completed, the concealer terminal 7 transmits again the rectangle selection information of the secret location to the document management server 3 (ST300 / 07). The document management server 3 receives the rectangle selection information of the secret location via the communication means 37 (ST300 / 08).

  The document management server 3 performs a concealment process on the concealed portion selected as a rectangle via the concealment processing unit 35 (ST300 / 09). Specifically, first, the encryption encryption process is performed on the secret location selected in the rectangle using the print encryption technology (STR310). FIG. 19 shows an image encryption process using a print encryption technique. First, the original image data (JPEG data) is subjected to Huffman reverse coding, and further divided into MCUs in a secret area and a disclosure area.

  Bitmap data is converted into JPEG decode processing (excluding Huffman reverse encoding) for the information in a part of the secret area, and the encryption processing is performed through the analog image encryption processing. The encrypted Bitmap data is converted into JPEG data by JPEG encoding processing (excluding Huffman encoding), and information of the disclosure area is combined and embedded.

  Subsequently, it is output as encrypted original image data by Huffman coding. The output encrypted original image data is stored and stored in the document management DB 31 via the document management TB 33 (STR320). At this time, the original image data may be overwritten or the version number management may be performed as separate data.

  Subsequently, the digital encryption processing of the secret part is performed on the secret part selected by the rectangle using the digital encryption technology (STD310). FIG. 20 shows image encryption processing by digital encryption technology.

  First, similarly to the STR 310, the original image data (JPEG data) is subjected to Huffman reverse coding, and further divided into MCUs in a secret area and a disclosure area. A part of the secret area information is encrypted using a digital encryption technique such as AES and output as digitally encrypted data. The output digital encrypted data is stored and saved in the document management DB 31 via the document management TB 33 (STD 320).

  This digitally encrypted data is also stored in the encrypted original image data, or is stored as separate data, like the PIAT signature information. Further, the key used in this digital encryption process varies depending on the encryption method used. If it is an AES common key cryptosystem, a common key is used. If it is a public key cryptosystem such as RSA, a public key is used. Further, when using a common key, it is necessary to manage it in an arbitrary secure area. The encryption key is stored and managed in the key management DB 32 in the document management server 3. The management method and the access control method in the key management DB 32 are naturally necessary, but the description thereof is omitted here.

  When the above processing is completed, a completion notification is transmitted to the concealer terminal 7 via the communication means 37 (ST300 / 10). The concealer terminal 7 receives the completion notification (ST300 / 11), confirms that the concealer has no error, and ends the processing of ST300, STR310, STD310, STR320, and STD320.

  When the above processing is completed, the process proceeds to the disclosure process. The disclosing person first determines to whom the disclosed original image data is to be disclosed in the form of paper media and / or electronic media (ST400).

  First, disclosure by paper media will be described. Discloser terminal 8 accesses document management server 3 in response to an instruction to retrieve original image data (STR410 / 01) by the disclosing person, and document management server 3 receives the retrieval instruction via communication means 37 (STR410 / 02). ). The document management server 3 takes out the encrypted original image data encrypted and stored / stored by the concealer from the document management DB 31 via the document management TB 33 (STR410 / 03).

  The extracted encrypted original image data is transmitted to the disclosing person terminal 8 via the communication means 37 (STR410 / 04). The disclosing person terminal 8 receives the encrypted original image data from the document management server 3 (STR410 / 05) and outputs it to the display device provided in the disclosing person terminal 8.

  Subsequently, a print instruction is transmitted to the printer device 9 by the operation of the disclosing person (STR410 / 06). The printer device 9 receives a print instruction from the disclosing person's terminal 8, and prints and outputs it on paper (STR410 / 07). The disclosing person receives the encrypted original image printed on paper (STR410 / 08) and discloses it offline by means such as mailing or handing it to the viewer or the verifier (STR410 / 09). The viewer or verifier receives the encrypted original image (paper medium) disclosed offline (STR410 / 10). Thereafter, processing differs depending on the viewer or the verifier (STR420).

  First, the browser process will be described. The viewer visually confirms the contents of the paper medium received from the disclosing person with the naked eye (STR431). At this time, the viewer cannot browse the secret part, and can browse only the other contents. This completes the process by the viewer.

  Next, the verifier process will be described. There are two types of verifiers: a person who does not have the authority to decrypt the encrypted secret part and a person who has the authority (STR432). First, the verifier who does not have the decryption authority (STR432, None) visually checks the paper medium itself received from the disclosing person with the naked eye (STR433). At this point, the verifier cannot verify the secret part and can verify only the other contents. This is the end of the process by the verifier who does not have the decryption authority.

  The verifier (STR432, having) with the decryption authority uses the viewer / verifier terminal 11 to place the paper medium received from the disclosing person on the scanner reader 12 and issue an image capture instruction (STR440 / 01). . The scanner reading device 12 receives an image capture instruction from the viewer / verifier terminal 11, digitized by scanning, and the captured encrypted original image data is converted into the JPEG format (STR440 / 02). ).

  Subsequently, it is sent to the viewer / verifier terminal 11 and the encrypted original image data is output to the display device provided in the viewer / verifier terminal 11 (STR440 / 03). Next, the verifier issues a decryption instruction to the document management server 10 using the browser / verifier terminal 11 (STR450 / 01).

  At this time, the output encrypted original image data is transmitted together. The document management server 10 receives the decryption instruction via the communication unit 107 (STR450 / 02). Receiving the decryption instruction, the document management server 10 performs analog decryption processing on the transmitted encrypted original image data (STR450 / 03).

  FIG. 21 shows image decryption processing by the print encryption technique. First, decoding processing is performed through analog decoding processing using the output Bitmap format image data. The decoded Bitmap data is output as decoded original image data. The output decoded original image data may be stored and stored in the document management DB 101 via the document management TB 103.

  When the above processing is completed, the decoded original image data is transmitted to the viewer / verifier terminal 11 via the communication means 107 (STR450 / 04). When the viewer / verifier terminal 11 receives the decoded original image data (STR450 / 05), the viewer / verifier terminal 11 outputs the decoded original image data to a display device provided in the viewer / verifier terminal 11.

  The verifier confirms the contents of the decrypted original image data in a state where a part of the secret part is decrypted by visual confirmation (STR460). Also, the decryption key is provided from the concealer to the verifier having the decryption authority by some method, and is stored and managed in the key management DB 102 in the document management server 10. The management method and the access control method in the key management DB 102 are naturally necessary, but the description is omitted here. When all these processes are completed, the processes of STR410, STR420, STR431, STR432, STR433, STR440, STR450, and STR460 are terminated.

  Next, disclosure by electronic media will be described. Discloser terminal 8 accesses document management server 3 in response to an instruction to retrieve original image data (STD410 / 01) by the disclosing person, and document management server 3 receives the instruction to retrieve via communication means 37 (STD410 / 02). ).

  The document management server 3 extracts three pieces of information of the encrypted original image data, PIAT signature information, and digital encrypted data from the document management DB 31 via the document management TB 33 (STD410 / 03).

  At this time, as disclosed data, when PIATA signature information and digitally encrypted data are collectively included in the encrypted original image data, only the encrypted original image data is included in the PIAT signature information and the digitally encrypted data. Is different data, it becomes three pieces of information of encrypted original image data, PIAT signature information, and digital encrypted data.

  Here, the latter case where the PIAT signature information and the digitally encrypted data are different from the encrypted original image data will be described. The extracted encrypted original image data, PIAT signature information, and digital encrypted data are transmitted to the disclosing person's terminal 8 via the communication means 37 (STD410 / 04).

  The disclosing person's terminal 8 receives the three pieces of information of the encrypted original image data, PIAT signature information, and digitally encrypted data from the document management server 3 (STD410 / 05), and displays the information on the display device provided in the disclosing person's terminal 8. Encrypted original image data is output. The disclosing person confirms the content of the displayed encrypted original image data, and the encrypted original image data, the PIAT signature information, and the digitally encrypted data are stored in an online medium such as an e-mail or a shared server, or Using a medium such as a portable medium (USB memory), the information is disclosed online to the viewer or verifier (STD410 / 06).

  In this online disclosure, it is transmitted to the document management server 10 on the viewer / verifier side. The document management server 10 receives three pieces of information, that is, encrypted original image data, PIAT signature information, and digital encrypted data via the communication means 107 (STD410 / 07), and receives the document management DB 101 via the document management TB103. Are stored and stored in (ST410 / 08).

  The document management server 10 notifies the viewer / verifier through the viewer / verifier terminal 11 that there is information disclosed online by some means (STD410 / 09). Thereafter, processing differs depending on the viewer or the verifier (STD 420).

  First, the browser process will be described. The viewer receives the encrypted original image data disclosed from the disclosing person from the document management server 10 (STD410 / 10). The encrypted original image data is output to a display device provided in the viewer / verifier terminal 11, and the viewer visually confirms the contents with the naked eye (STD431). At this time, the viewer cannot browse the secret part, and can browse only the other contents. This completes the process by the viewer.

  Next, the verifier process will be described. There are two types of verifiers: those who do not have the decryption authority and those who have the decryption authority for the encrypted secret part (STD432).

  First, the verifier who does not have the decryption authority transmits a PIAT signature verification processing request to the document management server 10 (STD432 / 01). The document management server 10 receives the PIAT signature verification processing request via the communication means 107 (STD432 / 02).

  Subsequently, the document management server 10 performs PIAT signature information verification on the encrypted original image data (STD450). Specifically, the encrypted original image data stored and stored is extracted from the document management DB 101 via the document management TB 103. Next, the signature generation unit 104 generates PIAT signature information for the encrypted original image data using the above-described JPEG-PIAT method.

  Subsequently, the stored and saved PIAT signature information is compared. FIG. 22 shows a PIAT signature information verification process for encrypted original image data. Specifically, all hash values generated for each MCU are compared.

  This verification result is transmitted to the viewer / verifier terminal 11 via the communication means 107 (STD 460/01). The viewer / verifier terminal 11 that has received the verification result (STD 460/02) can display the result as shown in FIG. 23 on the display device installed in the viewer / verifier terminal 11 (STD 460/03). .

  Specifically, the verifier can confirm that the part that has been partially concealed by the encryption process has been changed from the original image data, and that other parts have not been changed.

  For example, a cross (x) is displayed at a location where the hash value is different (PIATVERIFY portion in FIG. 23). At this point, the verifier cannot verify the secret part and can verify only the other contents. This is the end of the process by the verifier who does not have the decryption authority.

  The verifier having the decryption authority transmits a digital decryption processing request to the document management server 10 using the browser / verifier terminal 11 (STD 440/01). The document management server 10 receives the digital decryption processing request via the communication unit 107 (STD440 / 02). Subsequently, the document management server 10 performs digital decryption processing on the encrypted original image data (STD440 / 03). Specifically, encrypted original image data and digital encrypted data stored and stored are extracted from the document management DB 101 via the document management TB 103.

  Next, the decryption processing unit 105 performs digital decryption processing and decrypts the secret part. Specifically, the original image data is restored from the encrypted original image data digitally encrypted by the STD 310 using the digital encrypted data.

  FIG. 24 shows image decryption processing by digital encryption technology. First, the encrypted original image data (JPEG data) is subjected to Huffman reverse coding and further divided into MCUs in a partially concealed area and a disclosed area. A part of the secret area information is decrypted by using a digital encryption technique such as AES, and the output information is combined with the disclosure area information and embedded.

  In addition, the key used in this decryption process differs depending on the encryption method to be used. If the common key encryption method such as AES is used, the common key is used. If the public key encryption method is RSA, the public key is used. To do. Subsequently, it is output as decoded original image data by Huffman coding. Also in this case, the decryption key is provided from the concealer to the verifier having the decryption authority by some method, and stored and managed in the key management DB 102 in the document management server 10. The management method and the access control method in the key management DB 102 are naturally necessary, but the description is omitted here.

  The output decoded original image data is accumulated and stored as decoded original image data in the document management DB 101 via the document management TB 103.

  Subsequently, PIAT signature information verification processing is performed on the decoded original image data (STD450). Specifically, the signature generation unit 104 generates PIAT signature information for the decoded original image data using the above-described JPEG-PIAT method. Subsequently, the stored and saved PIAT signature information is compared.

  FIG. 25 shows the PIAT signature information verification processing of the decrypted original image data. Specifically, all hash values generated for each MCU are compared. Specifically, all hash values generated for each MCU are compared to verify whether they match.

  This verification result is transmitted to the viewer / verifier terminal 11 via the communication means 107 (STD 460/01). The viewer / verifier terminal 11 that has received the verification result (STD 460/02) can display the result as shown in FIG. 26 on the display device installed in the viewer / verifier terminal 11 (STD 460/03). .

  Specifically, if the verification results in a match, the verifier can confirm that the decoded original image data matches the original image data. As a verification result, for example, when a cross (x) is displayed in a portion having a different hash value, it can be determined that some modification has occurred.

  Further, after disclosure / verification by electronic media, the encrypted original image data or the decrypted original image data is reused (STD 500), further partially concealed, and disclosed to another viewer or verifier. be able to. At this time, the verifier will change to the position of the concealer.

  As described above, according to the present embodiment, it is possible to perform disclosure and partial originality verification on both paper media and electronic media that could not be realized in the past.

  The electronic document management program of the present invention can be provided by providing a program that causes a computer to execute the operations shown in the flowcharts and steps illustrated in the present embodiment. These programs can be recorded on a computer-readable medium and executed by the computer. The computer includes a host device such as a personal computer, a controller of a test device, a controller such as an MPU or CPU of a storage device, and the like. Here, as a computer-readable medium, a portable storage medium such as a CD-ROM, a flexible disk, a DVD disk, a magneto-optical disk, an IC card, a database holding a computer program, another computer, and its It includes databases and transmission media on the line.

It is a system configuration diagram in an embodiment. It is a block diagram of the certification authority server 2 in this Embodiment. It is a block diagram of the document management server (signature side) 3 of this Embodiment. It is a block diagram of the document management server (verification side) 10 of this Embodiment. 6 is a flowchart illustrating public key registration processing between the transmission apparatus and the certification authority server 2 according to the present embodiment. It is the flowchart which showed the transmission / reception process of the information with an electronic signature in this Embodiment, and the verification process of a receiver. It is the figure which showed the whole image of embodiment in this Embodiment. It is the whole flowchart by the system of this Embodiment. It is the flowchart which showed the scanner reading process by the system of this Embodiment. It is the flowchart which showed the signature production | generation process by the system of this Embodiment. It is the flowchart which showed the concealment process by the system of this Embodiment. It is the flowchart which showed the paper disclosure and signature verification process by the system of this Embodiment. It is the flowchart which showed the electronic disclosure and signature verification process by the system of this Embodiment. It is the figure which showed the structure of JPEG data. It is the figure which showed the relationship between MCU format and an image. It is the figure which showed the decoding process of JPEG. It is the figure which showed the JPEG-PIAT system. It is the figure which showed the production | generation process of the PIAT signature information with respect to original image data by the system of this Embodiment. It is the figure which showed the image encryption process in the printing encryption technique by the system of this Embodiment. It is the figure which showed the image encryption process in the digital encryption technique by the system of this Embodiment. It is the figure which showed the image decoding process in the printing encryption technique by the system of this Embodiment. It is the figure which showed the PIAT signature information verification process of the encrypted original image data by the system of this Embodiment. It is the figure which showed the signature verification result of the encrypted original image data by the system of this Embodiment. It is the figure which showed the image decoding process in the digital encryption technique by the system of this Embodiment. It is the figure which showed the signature verification result of the decrypted original image data by the system of this Embodiment. It is the figure which showed the signature verification result of the decrypted original image data by the system of this Embodiment.

Explanation of symbols

  1 network, 2 certificate authority server, 3 document management server (signing side), 4 fetcher terminal, 5 scanner reading device, 6 signer terminal, 7 concealer terminal, 8 disclosing person terminal, 9 printer device, 10 document management Server (verification side), 11 browser / verifier terminal, 12 scanner reading device, 21 public key DB, 22 certificate issuing unit, 23 certificate verification unit, 24 communication means, 31 document management DB, 32 key management DB, 33 Document management TB, 34 Signature generation unit, 35 Confidential processing unit, 36 Encryption processing unit, 37 Communication means, 101 Document management DB, 102 Key management DB, 103 Document management TB, 104 Signature generation unit, 105 Decryption processing unit, 106 Signature verification unit, 107 communication means.

Claims (20)

To the computer that verifies the image data,
An original registration step of registering original image data read by the scanner as original image data;
From the original image data registered by the original registration step, partial information, which is information for each part of the information forming the original image data, is extracted, a feature amount of each piece of partial information is generated, and a set of the feature amounts is obtained. A signature information registration step of generating signature information to which a signature is added and registering the signature information in association with the original image data;
When performing confidential processing on at least a part of the original image data, a print encryption processing capable of decrypting the original image from the image after printing the print-encrypted data for the portion subjected to the confidential processing An encryption step of registering the encrypted original image data partially subjected to print encryption processing, performing digital encryption processing on the portion to be concealed, and registering the digital encrypted data When,
In response to a request for disclosure of the encrypted original image data, in response to a request for disclosure by printing, the encrypted original image data encrypted by the encryption step is provided as print data and disclosed by electronic media A disclosure step of providing at least the encrypted original image data as electronic media data,
In the verification process of the encrypted original image data, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the image data obtained by reading by a paper media scanner formed by printing the print data And decrypting the portion corresponding to the secret portion encrypted by the print encryption processing, providing the decrypted image data, and the electronic media data of the encrypted original image data When there is a verification request not involving decryption processing, the partial information, which is information for each part of the information forming the encrypted original image data, is extracted, the feature amount of each partial information is generated, and the signature Compared with the feature amount in the signature information registered in the information registration step and provides a comparison result, while there is a verification request accompanied by a decryption process. In the case, the encrypted original image data provided in the disclosure step is further decrypted with respect to the digitally encrypted confidential portion, and a verification step for providing the decrypted image data is executed. Image data verification program. The image data verification program according to claim 1,
In the encryption step, the secret part subjected to the digital encryption process is registered in a form embedded in the original image data. The image data verification program according to claim 1,
In the disclosure request by the electronic media in the disclosure step, the signature information and the digitally encrypted data are included together with the encrypted original image data, and the encryption provided in the disclosure step is included in the verification step An image data verification program, wherein verification is performed using the signature information and the digitally encrypted data together with the finished original image data. The image data verification program according to claim 1,
In the print encryption processing in the encryption step, after performing entropy compression / decompression on the original image data, partial information that is information for each portion of information forming the original image data is extracted, and each piece of partial information An image data verification program for generating signature information obtained by generating a feature amount and adding a signature to the set of feature amounts. The image data verification program according to claim 4,
The original image data is compressed image data by JPEG, and is an image data verification program. The image data verification program according to claim 1,
The signature information in the signature information registration step is stored in the original image data. The image data verification program according to claim 1,
In the encryption step, for the encrypted original image data, partial information that is information for each part of the information forming the original image data is extracted, a feature amount of each partial information is generated, and a set of the feature amounts An encrypted original image data signature information registration step for generating encrypted original image data signature information with a signature added thereto and registering the encrypted original image data signature information in association with the encrypted original image data,
And a signature confirmation step for comparing the signature information registered in the registration step with the encrypted original image data signature information registered in the encrypted original image data signature information registration step. Image data verification program. An image data verification method performed by a computer,
An original registration step of registering original image data read by the scanner as original image data;
From the original image data registered by the original registration step, partial information, which is information for each part of the information forming the original image data, is extracted, a feature amount of each piece of partial information is generated, and a set of the feature amounts is obtained. A signature information registration step of generating signature information to which a signature is added and registering the signature information in association with the original image data;
When performing confidential processing on at least a part of the original image data, a print encryption processing capable of decrypting the original image from the image after printing the print-encrypted data for the portion subjected to the confidential processing And performing print encryption processing, registering the encrypted original image data partially subjected to the print encryption processing, performing digital encryption processing on the portion to be concealed, and performing the digital encryption An encryption step to register the data;
In response to a request for disclosure of the encrypted original image data, in response to a request for disclosure by printing, the encrypted original image data encrypted by the encryption step is provided as print data and disclosed by electronic media A disclosure step of providing at least the encrypted original image data as electronic media data,
In the verification process of the encrypted original image data, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the image data obtained by reading by a paper media scanner formed by printing the print data And decrypting the portion corresponding to the secret portion encrypted by the print encryption processing, providing the decrypted image data, and the electronic media data of the encrypted original image data When there is a verification request not involving decryption processing, the partial information, which is information for each part of the information forming the encrypted original image data, is extracted, the feature amount of each partial information is generated, and the signature Compared with the feature value in the signature information registered in the information registration step, and provides a comparison result, but there is a verification request accompanied by a decryption process Further includes a verification step of decrypting the encrypted original image data provided in the disclosure step with respect to the digitally encrypted confidential portion and providing the decrypted image data. Method of verification. The image data verification method according to claim 8,
In the encryption step, the secret part subjected to the digital encryption process is registered in a form of being embedded in the original image data. The image data verification method according to claim 8,
In the disclosure request by the electronic media in the disclosure step, the signature information and the digitally encrypted data are included together with the encrypted original image data, and the encryption provided in the disclosure step is included in the verification step An image data verification method, wherein verification is performed using the signature information and the digitally encrypted data together with the finished original image data. The image data verification method according to claim 8,
In the print encryption processing in the encryption step, after performing entropy compression / expansion on the original image data, partial information that is information for each portion of information forming the original image data is extracted, and each piece of partial information An image data verification method characterized by generating signature information obtained by generating a feature amount and adding a signature to the set of feature amounts. The image data verification method according to claim 11,
The image data verification method, wherein the original image data is JPEG compressed image data. The image data verification method according to claim 8,
The signature information in the signature information registration step is stored in the original image data. The image data verification method according to claim 8,
In the encryption step, for the encrypted original image data, partial information that is information for each part of the information forming the original image data is extracted, a feature amount of each partial information is generated, and a set of the feature amounts An encrypted original image data signature information registration step for generating encrypted original image data signature information with a signature added thereto and registering the encrypted original image data signature information in association with the encrypted original image data,
And a signature confirmation step for comparing the signature information registered in the registration step with the encrypted original image data signature information registered in the encrypted original image data signature information registration step. Image data verification method. An image data verification system for performing image data verification on a computer,
An original registration unit for registering original image data read by the scanner as original image data;
From the original image data registered by the original registration unit, partial information that is information for each part of the information that forms the original image data is extracted, a feature amount of each piece of partial information is generated, and a set of the feature amounts is obtained. A signature information registration unit that generates signature information to which a signature is added and registers the signature information in association with the original image data;
When performing confidential processing on at least a part of the original image data, a print encryption processing capable of decrypting the original image from the image after printing the print-encrypted data for the portion subjected to the confidential processing And performing print encryption processing, registering the encrypted original image data partially subjected to the print encryption processing, performing digital encryption processing on the portion to be concealed, and performing the digital encryption An encryption unit for registering data;
In response to a request for disclosure of the encrypted original image data, in response to a request for disclosure by printing, the encrypted original image data encrypted by the encryption unit is provided as print data and disclosed by electronic media In response to the request, a disclosure unit that provides at least the encrypted original image data as electronic media data;
In the verification process of the encrypted original image data, if there is a verification request accompanied by a decryption process for the disclosure request by printing, the image data obtained by reading by a paper media scanner formed by printing the print data And decrypting the portion corresponding to the secret portion encrypted by the print encryption processing, providing the decrypted image data, and the electronic media data of the encrypted original image data When there is a verification request not involving decryption processing, the partial information, which is information for each part of the information forming the encrypted original image data, is extracted, the feature amount of each partial information is generated, and the signature Compared with the feature amount in the signature information registered by the information registration unit, while providing a comparison result, if there is a verification request accompanied by a decryption process, A verification unit that decrypts the encrypted original image data provided by the disclosure unit with respect to the digitally encrypted confidential portion and provides the decrypted image data. . The image data verification system according to claim 15,
The image data verification system characterized in that, in the encryption unit, the secret part subjected to the digital encryption process is registered in a form embedded in the original image data. The image data verification system according to claim 15,
The disclosure request by the electronic media in the disclosure unit includes the signature information and the digital encrypted data together with the encrypted original image data, and the verification unit provides the encryption provided by the disclosure unit An image data verification system, wherein verification is performed using the signature information and the digitally encrypted data together with the finished original image data. The image data verification system according to claim 15,
In the print encryption processing in the encryption unit, after performing entropy compression / expansion on the original image data, partial information that is information for each part of information forming the original image data is extracted, and each piece of partial information An image data verification system that generates signature information obtained by generating a feature amount and adding a signature to the set of feature amounts. The image data verification system according to claim 18,
2. The image data verification system according to claim 1, wherein the original image data is JPEG compressed image data. The image data verification system according to claim 15,
The image data verification system, wherein the signature information in the signature information registration unit is stored in the original image data.

Images